Cybersecurity specialists from a prestigious firm have disclosed the presence of a critical vulnerability in the email message scanning tool of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA). If exploited, this flaw could allow an unauthenticated, remote threat actor to bypass configured filters on the targeted device.
According to the report, the vulnerability, tracked as CVE-2020-3133, exists due to inadequate validation of incoming emails. Malicious hackers could abuse of this condition by simply sending a specially crafted email message to the target user, protected with ESA enabled.
Successful exploitation could trigger a bypass of user-configured filters, allowing attackers to inject malicious content into the device. The flaw is only exploitable with local access to the target system.
When Cisco received the report, it was confirmed that this vulnerability was affecting any Cisco ESA releases earlier than 13.0.
After receiving the report, the company started working to release the corresponding software updates to address this vulnerability. So far, there are no known workarounds to mitigate exploitation risk, so users of affected implementations must install the official updates as soon as possible.
More details about this vulnerability, possible attack scenarios and available updates are on the company’s official platforms.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.